Question about the variation in the knowledge taught throughout the wide range of qualifications from different providers, and even in different courses from the same providers.

After fantastic advice here I've taken up and am working through my eCPPT certification. Overall I'm finding it not too bad, but I'm noticing a lot of overlap with self-taught knowledge I obtained through reading a ton of books on security-related topics (i.e. Web Application Hacker's Handbook, etc.).

Digging deeper into many of the syllabuses of further certificates, I'm noticing a lot of the material seems common throughout. Information gathering techniques, enumeration, vulnerability assessment, exploitation, post-exploit and maintaining access, etc. Now obviously this is always going to happen to a point - these are central tenets of pen testing! My question is, though, how much value do you see in doing a range of certificates? Does this change if we're talking the same organisation vs different organisations?

I.e., what percentage of knowledge overlap would there be between OSCP and OSCE? Would someone who has completed OSCP & OSCE get value out of obtaining GPEN? Is every course going to talk about the variants of nmap scans, or do they start getting more specialized rather than 'from the ground up' and hence rehashing a lot of the fundamentals?

These answers help me figure out the value of pursuing multiple certificates. If a certificate is $1000+ but I gain a heap of new knowledge, then I think it's fantastic value. If it costs $1000+ and I relearn 90% of the knowledge from other courses, but only 10% is new, then its value relatively goes down. I also must note that I'm not meaning to be critical in any way of eCPPT when I'm asking these questions; it seems to be a good course. As I'm fortunate enough to be doing this out of interest (at this stage) rather than for career purposes, I can be a bit more choosy with the qualifications I pursue.

You'll see overlap because there is a methodology to pen testing. Techniques, however, are different between vendors. Depending on who you ask, you'll get different answers on which pen test certs are "worth it." One could argue that taking ALL of them would fill in the gaps the other vendors might have. Obviously, unless you have an unlimited training budget, that's not likely realistic, so you need to prioritize what you want.

As you've noticed, there are several "beginner" pen test certs and far fewer "advanced" ones. GXPN claims to be advanced, and it certainly is more advanced than some of them, but in my opinion it's lacking in some areas, for example.

A point of clarification:

What percentage of knowledge overlap would there be between OSCP and OSCE? Would someone who has completed OSCP & OSCE get value out of obtaining GPEN?

OSCE and P are very different certs. OSCP is pentest focused, OSCE is exploit development focused (mostly).

I personally started with OSCP and then went back and looked at the GPEN material. I decided that I wanted to spend that 5K somewhere else.

However, at my company we like to push people into GPEN first, then push them to OSCP. They seem to work well together.

Keep in mind, a lot of this stuff is teaching you methodology and "how to think"; the rest is really just sharpening your own techniques and skills. Regardless of all the education you get, the best way to get really good at this is to get real-world experience in real environments.

Personally, I took the PWB (OSCP) course then self-studied for GPEN. The overlap is obviously huge because they are competitors targeting the same market. While OSCP is way more hands-on, GPEN focuses more on Windows-based tools and the whole legal aspect of penetration testing.

So I took the PWB course for the content and I wrote the GPEN exam for the cert, which is required on some contracts where I live. So if you're smart about it, you can get the most out of the trainings/cert at a lower cost...